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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH{S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the maUing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- NO perd for reply ts'^ above, the maximum statutory period will apply and will expire SIX (6) MO^JH^ from m^^^^^ communication. 

- Failure to reply within the set or extended period for reply vvri II. by statute, cause the application to become ABANDONED (35 US. C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if dmety filed, may reduce any 
earned patent term adjustment See 37 CFR 1.704(b). 

Status 

1)13 Responsive to communication(s) filed on 14 May 2001. 
2a)n This action is FINAL, 2b)l3 This action is non-final. 

3) n Since this application is in condition for allowance except for fomnal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) |E Claim(s) MA is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim{s) is/are allowed. 

6) 13 Claim(s) Mi is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10)0 The drawing(s) filed on is/are: a)^ accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing{s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the con-ection is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). - 
3)D All b)n Some * c)^ None of: 

1 .□ Certified copies of the priority documents have been received. 
2.D Certified copies of the priority documents have been received in Application No. 



3.n Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1. Claims 1-14 are pending. 
/ 2. The Information Disclosure Statements respectfully submitted on 14 May 2001 

has been considered by the Examiner. 

Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

2. Claims 1-2, 5-6,9-10, and 13-14 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Robin et al. (Analysis of the Intel Pentium's Ability to Support a Secure 
Virtual Machine Monitor). Referring to the rejection of claims 1 and 9, Robin et al. 
discloses a system and method comprising: a computer system where the computer 
system includes a processor (See page 2, Section 1), an operating system software- 
program loaded onto the processor of the computer system (See page 2, Section 1 .1). a 
type-ll virtual-machine monitor software program loaded onto the operating system (See 
page 4, Section 2.1, and page 5. Section 2.4), a user definable number of non-sensitive 
virtual machines, a user definable number of sensitive virtual machines, where each 
sensitive virtual machine has a user definable sensitivity level, a user definable number 
of encryption virtual machines where each encryption virtual machine is connected to 
one of the user definable number of sensitive virtual machines, and where each 
encryption virtual machine includes at least one encryption algorithm capable of 



Application/Control Number: 09/854,81 8 Page 3 

Art Unit: 2137 

encrypting information from the corresponding sensitive virtual macliine according to the 
corresponding sensitivity level and a router virtual machine connected to each non- 
sensitive virtual machine and each encryption virtual machine (See page 5, Section 2.4 
and 2.5, page 6, Requirement 3 Section and page 10, Section 4.1) 
As per claims 2 and 10, Robin et al. discloses the claimed limitation wherein the 
operating system software program is selected from the group of operating system 
software programs consisting of Windows 2000, Windows NT, Linux, and any other 
suitable operating system (See page 12, Section 4.3.2) 

As per claims 5 and 13, Robin et al. discloses the claimed limitation wherein comprising 
a server connected to each non-sensitive virtual machine and each sensitive virtual 
machine (See page 12, Section 4.3.3) 

As per claim 6, Robin et al. discloses the claimed limitation wherein the server is 
selected from the group of servers consisting of a stand-alone device and a virtual 
machine (See page 3, Section 1.4, and page 4, Section 2.1) 
As per claim 14, Robin et al. discloses the claimed limitation wherein the step of 
checking to see that each encryption virtual machine is operating properly and if not, 
disconnecting the router virtual machine from a network (See page 8, Section 3.2.1 ) 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
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invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 3-4, 7-8, and 11-12 are rejected under 35 U.S.C. 103(a) as being 

unpatentable over Robin et al. In view of Morgan et al. (U.S. Patent 5,893,084). 

Referring to the rejection of claims 1 and 9, Robin et al. discloses the invention as 

claimed. However. Robin et al. does not explicitly disclose means for encrypting within a 

virtual machine monitor. As per claims 3 and 11. (Robin et al. as modified) discloses 

the claimed limitation wherein each of the encryption virtual machines outputs 

information according to Internet Protocol Security standards (See Morgan et al., 

Column 5,, lines 61 -67, Column 6, lines 1-11) 

As per claims 4 and 12, Robin et al. as modified discloses the claimed limitation wherein 
each of the encryption virtual machine includes at least one encryption algorithm 
selected from the group of encryption algorithms consisting of an encryption algorithm, 
a key exchange algorithm, a digital signature algorithm, and any combination thereof 
(See Morgan et al.. Column 6, lines 25-64) 

As per claim 7, (Robin et al. as modified) discloses the claimed limitation wherein 
comprising a checker (adder) connected to each of the encryption virtual machines and 
to the router virtual machine in (See Morgan et al.. Column 70, lines 45-52, 65-67, 
Column 71, lines 1-7) 

As per claim 8, (Robin et al. as modified) discloses the claimed limitation wherein the 
checker (adder) is selected from the group of checkers consisting of a stand-alone 
device and a virtual machine in (See Morgan et al.. Column 71 , lines 8-46) 
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Therefore, it would have obvious to a person having ordinary skill in the art at the time 
the invention was made to modify Robin et al.'s virtual monitor machine by combining 
Morgan et al.'s rule-based encryption virtual machines. Motivation for such an 
implementation is taught by Morgan et al. in Column 4, lines 20-30. 

Conclusion 

5. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. Robinson et al. (U.S. Patent No. 5,522,075) discloses protection 
ring extension for virtual machine monitors. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Courtney D. Fields whose telephone number is 571- 
272-3871 . The examiner can normally be reached on Mon - Wed. 6:00 - 6:00 pm; Thur. 
6:00 - 10 am. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Caldwell can be reached on 571-272-3868. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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